CVE-2025-62631

5.6MEDIUM

An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to main

Опубликовано: 12/9/2025Обновлено: 1/14/2026
Посмотреть на NVDПосмотреть на MITRE

Описание

An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's password change under particular conditions outside of the attacker's control

ИИ-АнализНа базе ИИ

Затронутые продукты

fortinetfortios

Ссылки